Hyland OnBase 19.x and below – Log Injection And Denial Of Service

Posted by AdaptiveSecurity Consulting via Fulldisclosure on Sep 07

CVSSv3.1 Score
————————————————-
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Vendor
————————————————-
Hyland Software – (https://www.hyland.com/en/ and https://www.onbase.com/en/)

Product
————————————————-
Hyland OnBase
All derivatives based on OnBase

Versions Affected
————————————————-
All versions up to and prior to OnBase…

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Patreon

Original Source